ioc[.]one - OSINT Cyber Threat Intelligence Database

Attack Cases of CoinMiners Mining Ethereum Classic Coins - ASEC BLOG

Tags

country:	Poland
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Credentials - T1589.001 Malware - T1587.001 Malware - T1588.001 Mshta - T1218.005 Tool - T1588.002 Mshta - T1170

Show in Graph

Common Information

Type	Value
UUID	bc932195-255c-417d-a7c8-ba629bc97428
Fingerprint	f02d07668cffbf06
Analysis status	DONE
Considered CTI value	2
Text language
Published	Jan. 31, 2023, 9:32 a.m.
Added to db	Jan. 31, 2023, 6:46 a.m.
Last updated	Oct. 24, 2024, 12:04 p.m.
Headline	Attack Cases of CoinMiners Mining Ethereum Classic Coins
Title	Attack Cases of CoinMiners Mining Ethereum Classic Coins - ASEC BLOG
Detected Hints/Tags/Attributes	47/3/69

Source URLs

	Redirection	Url
Details	Source	https://asec.ahnlab.com/en/46774/

URL Provider

Details	Provider	Source level domain
Details	ahnlab.com	asec.ahnlab.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	17	✔	ASEC	https://asec.ahnlab.com/en/feed/	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	Domain	1	asia2.ethermine.org
Details	Domain	1	elektroda.pl
Details	Domain	1	asia1-etc.ethermine.org
Details	Domain	1	us1-etc.ethermine.org
Details	Domain	1	eu1-etc.ethermine.org
Details	Domain	1	priv8note.net
Details	Domain	41	steamcommunity.com
Details	Domain	22	mas.to
Details	File	1	dnspy.dll
Details	File	1	dnspyplus.exe
Details	File	21	m.exe
Details	File	1	nbminer.exe
Details	File	1	elektroda.pl
Details	File	1	%appdata%\dnscache\dnscleaner.exe
Details	File	1	dnscleaner.exe
Details	File	1	dnscache.exe
Details	File	1	%appdata%\dnscache\dnscache.exe
Details	File	11	rl_generic.c4
Details	File	1	clipbanker.c4
Details	File	1	m.jpg
Details	File	10	u.exe
Details	File	2	obs.exe
Details	File	10	b.exe
Details	File	13	d.exe
Details	md5	1	5503eec7cb0ca25f1ecb0702acd14fba
Details	md5	1	436efede151a6b24171e4f7e7deb07bc
Details	md5	1	aa2294040015cedbf94a56845f80e144
Details	md5	1	51ff42d909a879d42eb5f0e643aab806
Details	md5	1	1b2878db748ddb13a90444ab36bae825
Details	md5	1	76b091bf16f1c11a72c4df12974215f0
Details	md5	1	54539d31c30670f1f9c0104ed1b6e661
Details	md5	1	8a49833ca67c783481869f99fba5566e
Details	md5	1	f7bf1fd41df3159c5d6142c2b696bef3
Details	md5	1	1575b49ffd9402c9b9186d803d491732
Details	md5	1	ad7858b9bbe0bdccae61cff787024ef9
Details	md5	8	0a50081a6cd37aea0945c91de91c5d97
Details	IPv4	1	149.102.129.194
Details	IPv4	3	95.217.29.31
Details	IPv4	1	116.202.3.192
Details	IPv4	1	49.12.113.223
Details	IPv4	1	95.217.31.129
Details	IPv4	1	88.99.120.225
Details	IPv4	1	195.201.252.143
Details	IPv4	1	95.216.182.219
Details	IPv4	1	95.217.246.41
Details	IPv4	1	95.217.27.155
Details	IPv4	1	95.216.181.10
Details	IPv4	1	95.216.182.38
Details	IPv4	1	176.57.150.117
Details	Url	1	https://priv8note.net/r/ipcontent
Details	Url	1	https://steamcommunity.com/profiles/76561199436777531
Details	Url	1	http://95.217.29.31/1758
Details	Url	1	http://116.202.3.192/1758
Details	Url	1	http://49.12.113.223/1758
Details	Url	2	https://mas.to
Details	Url	1	http://95.217.31.129/1758
Details	Url	1	http://88.99.120.225/1758
Details	Url	1	http://195.201.252.143/1758
Details	Url	1	http://95.216.182.219/1758
Details	Url	1	http://95.217.246.41/1758
Details	Url	1	http://95.217.27.155/1758
Details	Url	1	https://c.im
Details	Url	1	http://95.216.181.10/1758
Details	Url	1	http://95.216.182.38/1758
Details	Url	1	http://176.57.150.117/m.jpg
Details	Url	1	http://176.57.150.117/b.exe
Details	Url	1	http://176.57.150.117/d.exe
Details	Url	1	http://176.57.150.117/u.exe
Details	Url	1	http://176.57.150.117/obs.exe